Reply to Office Action

SUMMARY OF THE REJECTIONS/OBJECTIONS 

Claim 4 has been rejected under 35 U.S.C. § 112, second paragraph, as allegedly
indefinite. Claims 1, 5, 7, 11, 14, 17, 18 and 20 have been rejected under 35 U.S.C. § 102(e)
as allegedly anticipated by U.S. Patent Number 6,823,462 issued to Cheng et al. ("Cheng").
Claims 2-4, 6, 8-10, 12-13, 15-16 and 19 have been rejected under 35 U.S.C. § 103(a) as
allegedly unpatentable over Cheng in view of U.S. Patent Number 6,823,462 issued to
Bendinelli et al. ("Bendinelli"). The rejections are respectfully traversed.

RESPONSE TO REJECTIONS NOT BASED ON THE PRIOR ART 

Indefiniteness Rejections 

Claim 4 has been rejected under 35 U.S.C. § 112, second paragraph, as allegedly
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

The Office Action states Claim 4 is indefinite because the "specific protocol" set forth 
is unclear and there is no specific scope addressed in the specification as to where the 
"specific" protocol is referred (i.e., what is the scope with respect to). Applicant suggests 
review of FIG. 3 and page 13, lines 1-12 of the application, where the scope of "specific 
protocol," as used in Claim 4, is addressed and the usage of "specific protocol" becomes clear. 

Otherwise, at block 306, the initiator peer determines whether one of 
the packet summary and the TED response identifies IP, and the other 
identifies a specific protocol. (Page 13, lines 1-2). 

It is clear that the scope of the "specific protocol," as used in the application, 
comprises an individual protocol in a species of protocols other than IP. The adjective 
"specific" is used to delineate this distinct protocol as opposed to IP, and indicate that this 
"specific protocol" is relating to or characterizing one protocol of a species. Applicant 
respectfully requests reconsideration and withdrawal of the rejection. 

RESPONSE TO REJECTIONS BASED ON THE PRIOR ART

I. Claims 1, 5, 7, 11, 14, 17, 18 and 20 have been rejected under 35 U.S.C. § 102(e) 
as allegedly anticipated by U.S. Patent Number 6,823,462 issued to Cheng et al 
("Cheng"). 

The rejections are respectfully traversed. 

A. CLAIM 1 

Applicants respectfully submit that Cheng does not anticipate the Independent Claim 1 
for the following reasons. First, Cheng does not disclose the claimed "sending . . . a first
description of network traffic that is to be protected . . ." nor the claimed "receiving . . . a
second description of network traffic that is to be protected . . ." The Office Action cited FIG.
4 and the following for this claim limitation (Office Action, page 3, item 3): 

IKE assumes that no secure channel, i.e., tunnel, currently exists and therefore
it must initially establish one to protect any ISAKMP messages. (Column 7,
lines 23-25)

FIG. 4 illustrates the flow of messages from the initiator node 110 to the 
responding node 110. The initiator node 110 is the node 110 that initiates 
sending messages or data in the tunnel 120. The responder node 110 is the 
node 110 that responds to the messages and data sent by the initiator node 110 
across the tunnel 120. An example of a responder node 110 may be the server
node 110A of FIG. 1. An example of an initiator node 110 may be any of the
client nodes, e.g., nodes 110B-D of FIG. 1. In the first message, the initiator
node 110 transfers its security policy to the responding node 110. The
responding node 110 transfers its security policy to the initiator node 110 in
the second message if the security policy of the responding node 110 
matches the security policy of the initiator node 110. In another 
embodiment, the responding node 110 transfers its security policy to the 
initiator node 110 in the second message if both nodes 110 agree on the same 
set of protection suites in their security policy at any point in time. (Column 7, 
lines 35-52) 

Nothing in the cited section refers to, teaches, or suggests the claimed "description of
network traffic that is to be protected. . . ." The only "description of network traffic" being
transmitted in Cheng is a "security policy." According to Cheng, "The VPN security policy
typically describes the characteristics of the protection for a particular traffic profile."
(Cheng, column 6, lines 53-54)

In no way does Cheng's "description of network traffic" (i.e., a "security policy" 
which is "characteristics of the protection for a particular traffic profile") teach or suggest the 
description of network traffic as claimed in the present application. The present application 
discloses an "initiator peer" generating "an exploratory packet for the purpose of discovering 
the identity of the endpoint of the secure tunnel that is to be established," also known as a 
TED probe. (Page 9, lines 19-22) The TED probe sent by the initiator peer comprises a
Vendor Payload, ID Payload, Proxy Address, and Summary Packet. (Page 11, lines 10-11) Of
these, the Summary Packet comprises: 

(1) a hash value based on a string value that identifies the maker of 
equipment that is sending the probe, such as an MD5 hash of the string 
"Cisco TED Probe version #3"; 

(2) a protocol version number associated with the endpoint discovery 
process as a whole; 

(3) an IP protocol version value, such as "4" for IPv4, or "6" for IPv6, etc.; 

(4) an IP address value of the source end host; 

(5) an IP address value of the destination end host; 

(6) a source port value from packet P, if any; and 

(7) a destination port value from packet P, if any. 

(pages 11-12, lines 19-24, 1-2) 

As is now obvious, the "description of network traffic that is to be protected" in the 
present application is not taught or suggested by Cheng's security policy. An anticipation
rejection cannot stand if a rejected claim contains one or more elements, limitations or steps 
that are not found in the cited prior art reference. See Connell v. Sears, Roebuck & Co., 722 
F.2d 1542, 1548, 220 USPQ 193, 198 (Fed. Cir. 1983). 

Second, Cheng does not disclose the claimed "creating and storing a third description
of network traffic that is to be protected based on determining a logical intersection of 
the first description of network traffic and the second description of network traffic." 

The Office Action cited the following for this claim limitation (Office Action, page 3, item 3): 

The second phase refers to the negotiation of the security association for 
Internet Protocol (IP) security. Upon the successful completion of the 
negotiation of the phase two security association, data may be transferred 
between the plurality of nodes 110 establishing the tunnel 120. (Column 7, 
lines 26-30) 

The Office Action claims the cited language above teaches "establishing a tunnel 
having a tunnel definition by negotiating a common security policy associated with the client 
and the server." 

Nothing in the cited section refers to, teaches, or suggests the claimed "creating and 
storing a third description of network traffic that is to be protected based on determining a 
logical intersection of the first description of network traffic and the second description 
of network traffic." Neither does the Examiner's assertion that the cited language teaches 
"negotiating a common security policy" teach the claimed limitation. The cited language only 
describes some generic "negotiation" between nodes. Further, as discussed supra, the claimed 
limitation "description of network traffic" is not taught by Cheng. 

By comparison, the present application teaches, among other things, a method for 
determining a common subset of proxies based on the full proxy of the peers. Cheng simply 
teaches a negotiation between nodes wherein a secure tunnel is established and data 
transferred if the "security policy of the responding node matches the security policy of the 
initiator node," (Cheng, column 7, lines 46-48) or if "both nodes agree on the same set of 
protection suites in their security policy at any point in time." (Cheng, column 7, lines 50-52) 

This is strikingly different from the claimed limitation, which allows for creating and 
storing a description of network traffic. Cheng teaches neither the claimed description of 
network traffic nor does it teach storing this information. This "description of network traffic" 
is a logical intersection that, in one embodiment, determines the protocol, proxy address, and 
port values based upon characteristics of both the initiator peer and responder peer. See FIG. 3 
and Section 3.0. 

Because Cheng fails to disclose, teach, suggest, or in any way render obvious the
limitations of Claim 1, Applicant respectfully submits that, for at least the reasons stated 
above, Claim 1 is allowable over the art of record and is in condition for allowance. 

B. CLAIMS 5, 7, 11 

Claims 5, 7 and 11 are dependent claims, each of which depends (directly or
indirectly) on Claim 1. Each of Claims 5, 7 and 11 is therefore allowable for the reasons given
above for the claim on which it depends. In addition, each of Claims 5, 7 and 11 introduces
one or more additional limitations that independently render it patentable. However, due to the
fundamental differences already identified, to expedite the positive resolution of this case a
separate discussion of those limitations is not included at this time. Therefore, it is
respectfully submitted that Claims 5, 7 and 11 are allowable for the reasons given above with
respect to Claim 1.

C. CLAIM 14 

Independent Claim 14 is a computer-readable medium claim containing features that 
are similar to those described above with respect to Claim 1. Therefore, based on at least the
reasons stated above with respect to Claim 1, Applicant respectfully submits that Claim 14 is 
allowable over the art of record and is in condition for allowance. 

D. CLAIM 17 

Independent Claim 17 is a method claim that contains features similar to those 
described above with respect to Claim 1. Specifically, Claim 17 claims, among other things, a 
"description of network traffic" that is not taught by Cheng as discussed above. Claim 17 
further claims 

[R]eceiving at the second network device a third description of network
traffic that is to be protected from the first network device based on a logical 
intersection of the first description of network traffic and the second 
description of network traffic. . . 

As discussed above, Cheng fails to disclose, teach, suggest, or in any way render 
obvious the limitations of Claim 17. Therefore, based on at least the reasons stated above with 
respect to Claim 1, Applicant respectfully submits that Claim 17 is allowable over the art of
record and is in condition for allowance. 

E. CLAIM 18 

Independent Claim 18 is a computer-readable medium claim containing features that 
are similar to those described above with respect to Claim 17. Therefore, based on at least the 
reasons stated above with respect to Claim 17 and Claim 1, Applicant respectfully submits 
that Claim 18 is allowable over the art of record and is in condition for allowance. 

F. CLAIM 20 

Independent Claim 20 is an apparatus claim containing features that are similar to 
those described above with respect to Claim 1. Therefore, based on at least the reasons stated
above with respect to Claim 1, Applicant respectfully submits that Claim 14 is allowable over 
the art of record and is in condition for allowance. 

II. Claims 2-4, 6, 8-10, 12-13, 15-16 and 19 have been rejected under
35 U.S.C. § 103(a) as allegedly unpatentable over Cheng in view of U.S. Patent
Number 6,823,462 issued to Bendinelli et al. ("Bendinelli").

A. CLAIM 19 

The rejection is respectfully traversed, because the Office Action fails to factually 
support any prima facie conclusion of obviousness. 

Specifically, Cheng and Bendinelli, either individually or in combination, fail to 
disclose, teach or suggest all the claim limitations of Claim 19. Claim 19 is an apparatus 
claim containing features that are similar to those described above with respect to Claim 1. 

As discussed above, Cheng fails to disclose the claimed "creating and storing a third 
description of network traffic that is to be protected based on determining a logical 
intersection of the first description of network traffic and the second description of 
network traffic" in the independent Claim 1, and also fails to disclose the claimed 
"description of network traffic" in the independent Claim 1.

Similarly, Bendinelli does not disclose, teach, or suggest the aforementioned two claim
limitations. Instead, Bendinelli focuses on "methods and systems . . . for enabling a network
between a first and a second processor using at least one additional processor separate from
the first and second processors." (Bendinelli, Abstract).

Notwithstanding the fact that neither Cheng nor Bendinelli disclose "creating and 
storing a third description of network traffic that is to be protected based on determining a 
logical intersection of the first description of network traffic and the second description of 
network traffic" in the independent Claim 1, and also fail to disclose the claimed "description 
of network traffic" in the independent Claim 1, the Applicant respectfully submits that there is 
nothing in either Cheng or Bendinelli that teaches or suggests combining their respective 
teachings. 

As stated in the Federal Circuit decision In re Dembiczak, 50 USPQ.2d 1617 
(Fed. Cir. 1999), (citing Gore v. Garlock, 220 USPQ 303, 313 (Fed. Cir. 1983)), "it is very 
easy to fall victim to the insidious effect of the hindsight syndrome where that which only the 
inventor taught is used against its teacher." Id. The Federal Circuit stated in Dembiczak "that
the best defense against subtle but powerful attraction of a hindsight-based obviousness 
analysis is rigorous application of the requirement for a showing of the teaching or suggestion 
to combine prior art references." Id. Thus, the Federal Circuit explains that a proper 
obviousness analysis requires "particular factual findings regarding the locus of the 
suggestion, teaching, or motivation to combine prior art references." Id. (emphasis added). 

In particular, the Federal Circuit states: 

"We have noted that evidence of a suggestion, teaching, or motivation to 
combine may flow from the prior art references themselves, the knowledge 
of one of ordinary skill in the art, or, in some cases, from the nature of the 
problem to be solved. . .although 'the suggestion more often comes from the 
teachings of the pertinent references'. . .The range of sources available, 
however, does not diminish the requirement for actual evidence. That is, 
the showing must be clear and particular. . .Broad conclusory statements 
regarding the teaching of multiple references, standing alone, are not 
'evidence.'" Id. (emphasis added; internal citations omitted). 

Neither Cheng nor Bendinelli show any suggestion, teaching, or motivation to
combine their teachings, nor does the Office Action provide a "clear and particular" showing
of the suggestion, teaching, or motivation to combine their teachings. In fact, the only
motivation provided in the Office Action is the hindsight observation that by combining
features of those references, one may achieve the benefits achieved from the invention as
described and claimed in the application. It is respectfully submitted that such a hindsight
observation is not consistent with the Federal Circuit's requirement for "particular factual
findings."

Docket No. 50325-0596
Application of Fluhrer, Ser. No. 09/990,814, Filed 11/15/2001

Applicant respectfully submits that, for at least the reasons stated above, Claim 19 is 
allowable over the art of record and is in condition for allowance. 

B. CLAIMS 2-4, 6, 8-10, 12-13, 15-16 

Because Claims 2-4, 6, 8-10, 12-13 and 15-16 either directly or indirectly depend on
Claims 1 and 17, they are patentable over Cheng in view of Bendinelli for at least the same
reasons set forth above in Part I and Part II, Section A.

III. Conclusion 

For the reasons set forth above, it is respectfully submitted that all of the pending 
claims are now in condition for allowance. Therefore, the issuance of a formal Notice of 
Allowance is believed next in order, and that action is most earnestly solicited. 

The Examiner is respectfully requested to contact the undersigned by telephone if it is 
believed that such contact would further the examination of the present application. 

Please charge any shortages or credit any overages to Deposit Account No. 50-1302. 

Respectfully submitted,




Date: June [illegible], 2005

2055 Gateway Place, Suite 550 
San Jose, CA 95110-1089 
Telephone: (408)414-1207 
Facsimile: (408)414-1076 

Attachments 



CERTIFICATE OF MAILING 

I hereby certify that this correspondence is being deposited with the United States Postal
Service as first class mail in an envelope addressed to: Commissioner for Patents,
Mail Stop AMENDMENT, P.O. Box 1450, Alexandria, VA 22313-1450.